/** * verifyGalleryPermissions will check for permissive permissions of all galleries owning a given item * * @param array $pPermName * @access public * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure */ function verifyGalleryPermissions($pPermName) { global $gBitSystem, $gBitUser; $ret = FALSE; if ($this->isValid() && !empty($pPermName)) { // get all gallery content ids $galleryContentIds = $this->getParentGalleries(); if (!empty($galleryContentIds) && is_array($galleryContentIds)) { $gallery = new TreasuryGallery(); foreach ($galleryContentIds as $gcid) { // reduce load: we don't need to fully load the gallery to load the permissions $gallery->mContentId = $gcid; if ($gallery->hasUserPermission($pPermName)) { // we only need one gallery that allows us to download the file return TRUE; } } } } $gBitSystem->fatalPermission($pPermName); return $ret; }
/** * Get the last gallery created by this user. If the user hasn't created a gallery, create one * * @param string $pNewName Name of the new gallery * @access public * @return Gallery Id of the default gallery */ function getDefaultGalleryId($pNewName = NULL) { global $gBitUser, $gContent; // as default gallery, we pick the first one created by this user $gal = new TreasuryGallery(); $getHash = array('user_id' => $gBitUser->mUserId, 'max_records' => 1, 'sort_mode' => 'created_asc'); $upGal = $gal->getList($getHash); if (@BitBase::verifyId(key($upGal))) { $ret = key($upGal); } elseif ($gBitUser->hasPermission('p_treasury_create_gallery')) { // Since the user can create a new gallery, we simply create a new one if (empty($pNewName)) { $pNewName = $gBitUser->getDisplayName() . "'s File Gallery"; } $galleryHash = array('title' => $pNewName); if ($gal->store($galleryHash)) { $ret = $gal->mContentId; } } else { // if we reach this section, we'll simply pick the first gallery we can find and dump all files in there $getHash = array('max_records' => 1, 'sort_mode' => 'created_asc'); $upGal = $gal->getList($getHash); if (@BitBase::verifyId(key($upGal))) { $ret = key($upGal); } else { // we need to report that there is absolutely no way we can place the gallery anywhere $this->mErrors['no_default'] = tra('We could not find a viable gallery where we can store your upload'); } } if (!$gContent->isValid()) { $gContent = new TreasuryGallery($ret); } return $ret; }
<?php /** * @version $Header$ * * @author xing <*****@*****.**> * @package treasury * @copyright 2003-2006 bitweaver * @license LGPL {@link http://www.gnu.org/licenses/lgpl.html} **/ /** * Setup */ global $gContent; if (@BitBase::verifyId($_REQUEST['structure_id'])) { $gContent = new TreasuryGallery($_REQUEST['structure_id']); $gContent->load(TRUE); } elseif (@BitBase::verifyId($_REQUEST['content_id'])) { $gContent = new TreasuryGallery(NULL, $_REQUEST['content_id']); $gContent->load(TRUE); } else { $gContent = new TreasuryGallery(); } $gBitSmarty->assigByRef('gContent', $gContent);
/** * Returns HTML link to display a gallery or item * * @param $pTitle is the gallery we want to see * @param $pContentId content id of the gallery in question * @return the link to display the page. **/ function getDisplayLink($pLinkText = NULL, $pMixed = NULL, $pAnchor = NULL) { global $gBitSystem; if (empty($pLinkText) && !empty($this)) { $pLinkText = $this->getTitle(); } if (empty($pMixed) && !empty($this)) { $pMixed = $this->mInfo; } $ret = $pLinkText; if (!empty($pLinkText) && !empty($pMixed)) { if ($gBitSystem->isPackageActive('treasury')) { $ret = '<a title="' . htmlspecialchars($pLinkText) . '" href="' . TreasuryGallery::getDisplayUrlFromHash($pMixed) . '">' . htmlspecialchars($pLinkText) . '</a>'; } } return $ret; }
// this interferes with the deletion $verifyStructurePermission = 'p_treasury_update_gallery'; include_once LIBERTY_PKG_PATH . 'edit_structure_inc.php'; // get all the nodes in this structure foreach ($rootTree as $node) { $galleryStructure[$node['structure_id']] = str_repeat('-', $node['level']) . ' ' . $node['title']; } $gBitSmarty->assign('galleryStructure', $galleryStructure); } if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'edit') { $gBitSmarty->assignByRef('galInfo', $gContent->mInfo); } if (!empty($_REQUEST['treasury_store'])) { // $rootStructure is created in edit_structure_inc.php $_REQUEST['root_structure_id'] = !empty($rootStructure->mStructureId) ? $rootStructure->mStructureId : NULL; $galleryStore = new TreasuryGallery(NULL, !empty($_REQUEST['gallery_content_id']) ? $_REQUEST['gallery_content_id'] : NULL); $galleryStore->load(); // pass thumbnail upload on to storage hash if (!empty($_FILES['icon']['tmp_name'])) { $_REQUEST['thumb'] = $_FILES['icon']; } if ($galleryStore->store($_REQUEST)) { bit_redirect($galleryStore->getDisplayUrl() . "&refresh=1"); } else { $feedback['error'] = $galleryStore->mErrors; } } if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'remove_gallery' || !empty($_REQUEST['confirm'])) { if (@BitBase::verifyId($_REQUEST['content_id'])) { if ($_REQUEST['action'] == 'remove_gallery' && !empty($_REQUEST['confirm'])) { if ($gContent->expunge(!empty($_REQUEST['force_item_delete']))) {
require_once TREASURY_PKG_PATH . "TreasuryItem.php"; require_once RSS_PKG_PATH . "rss_inc.php"; $rss->title = $gBitSystem->getConfig('treasury_rss_title', $gBitSystem->getConfig('site_title') . ' - ' . tra('File Galleries')); $rss->description = $gBitSystem->getConfig('treasury_rss_description', $gBitSystem->getConfig('site_title') . ' - ' . tra('RSS Feed')); // check permission to view treasury item if (!$gBitUser->hasPermission('p_treasury_view_item')) { require_once RSS_PKG_PATH . "rss_error.php"; } else { $listHash = array('max_records' => $gBitSystem->getConfig('treasury_rss_max_records', 10), 'sort_mode' => 'last_modified_desc', 'gallery_content_id' => !empty($_REQUEST['gallery_content_id']) ? $_REQUEST['gallery_content_id'] : NULL, 'user_id' => !empty($_REQUEST['user_id']) ? $_REQUEST['user_id'] : NULL); // check if we want to use the cache file // we'll use groups to cache rss feeds with different permissions $cacheFile = TEMP_PKG_PATH . RSS_PKG_NAME . '/' . TREASURY_PKG_NAME . '/' . "g{$listHash['gallery_content_id']}u{$listHash['user_id']}" . $cacheFileTail; $rss->useCached($rss_version_name, $cacheFile, $gBitSystem->getConfig('rssfeed_cache_time')); // if we have a gallery we can work with - load it if (@BitBase::verifyId($_REQUEST['gallery_content_id'])) { $gallery = new TreasuryGallery(NULL, $_REQUEST['gallery_content_id']); $gallery->load(); $rss->title .= " - {$gallery->getTitle()}"; } $treasury = new TreasuryItem(); $feeds = $treasury->getList($listHash); // set the rss link $rss->link = TREASURY_PKG_URI; $gBitSmarty->loadPlugin('smarty_modifier_display_bytes'); // get all the data ready for the feed creator foreach ($feeds as $feed) { $item = new FeedItem(); $item->title = $feed->getTitle(); $item->link = $feed->getField('display_url'); $item->date = (int) $feed->getField('last_modified'); $item->source = BIT_ROOT_URI;
} if (!empty($_FILES['file']['tmp_name'])) { $_REQUEST['upload'] = $_FILES['file']; } if ($gContent->store($_REQUEST)) { $feedback = $gContent->mErrors; } // give some feedback if all went well if (empty($feedback['error'])) { $feedback['success'] = tra('The settings were successfully applied.'); } // now that the file has been updated, we return to the view page bit_redirect($gContent->mInfo['display_url']); } // move file back to where it was if (!empty($_REQUEST['reprocess_upload']) && !empty($tmpfile) && is_file($tmpfile)) { // move file back to where it should be rename($tmpfile, $gContent->mInfo['source_file']); } // get a list of galleries this file is already part of $galleryContentIds = $gContent->getParentGalleries(); $gBitSmarty->assign('galleryContentIds', $galleryContentIds); $gallery = new TreasuryGallery(); $listHash['get_sub_tree'] = TRUE; $listHash['max_records'] = -1; $listHash['content_permission'] = 'p_treasury_upload_item'; $galleryList = $gallery->getList($listHash); $gBitSmarty->assign('galleryList', $galleryList); $gContent->invokeServices('content_edit_function'); $gBitSmarty->assign('feedback', !empty($feedback) ? $feedback : NULL); $gBitSystem->display("bitpackage:treasury/edit_item.tpl", tra("Edit File"), array('display_mode' => 'edit'));
if (!$gContent->isValid()) { $gBitSystem->setHttpStatus(404); $gBitSystem->fatalError(tra("The requested file could not be found")); } // check view permission as set for the gallery $gContent->verifyViewPermission(); $gContent->verifyGalleryPermissions('p_treasury_view_item'); // load the parent gallery as well if (@BitBase::verifyId($_REQUEST['structure_id'])) { $gGallery = new TreasuryGallery($_REQUEST['structure_id']); $gGallery->load(); } else { // if we don't have a structure id to go by, we just get a gallery we can work with $galleryContentIds = $gContent->getParentGalleries(); if (@BitBase::verifyId($galleryContentIds[0])) { $gGallery = new TreasuryGallery(NULL, $galleryContentIds[0]); $gGallery->load(); } } // invoke services $displayHash = array('perm_name' => $gContent->mViewContentPerm); $gContent->invokeServices('content_display_function', $displayHash); $galleryDisplayPath = $gContent->getDisplayPath($gContent->getGalleryPath($gGallery->mStructureId)); $gBitSmarty->assign('galleryDisplayPath', $galleryDisplayPath); $gBitSmarty->assignByRef('gGallery', $gGallery); if (is_object($gGallery) && $gContent->isCommentable()) { $commentsParentId = $gContent->mContentId; $comments_vars = array(TREASURYITEM_CONTENT_TYPE_GUID); $comments_prefix_var = TREASURYITEM_CONTENT_TYPE_GUID . ':'; $comments_object_var = TREASURYITEM_CONTENT_TYPE_GUID; $comments_return_url = $gContent->getDisplayUrl();